The document summarizes key aspects of policy enforcement for cyber security including critical infrastructure protection, e-governance initiatives, the roles and training frequencies for different user types, and an overview of India's National Cyber Security Policy from 2013. It discusses threats like the Target and Google incidents and how interconnectivity increases vulnerability which policy aims to address through awareness training tailored to roles like privileged users, normal users and administrators.

1. PolicyEnforcement
Sanjay Sahay, IPS.,
ADGP, Police Computer Wing,
Bangalore

3. PEOPLE
PROCESSES
TECHNOLOGY

5. Cyber threats
• Target hacked
compromised up to 40
million steal encrypted
personal identification numbers
• Google to Pay $17M Settlement Over Secret Safari UserTracking
$17 million settlement
secretly circumvented Safari's default
privacy settings to plant cookies

7. Critical Infrastructure
• Critical infrastructures
banking financial
telecommunications energy
transmission
interconnectivity the Internet

8. eGovernance
Critical infrastructure

9. • Users are more vulnerable
Spear
Phishing Social Engineering attack
organization level security awareness
training

10. Role Based
• Priviledged users
• Normal users
• System
administrators
• System developers
• Information security
• Awareness trainers
Frequency
• Regular
• Content updation
• Security bulletin
• Security Alerts

11. National Cyber Security Policy 2013
DSCI Analysis

12. National Cyber Security Policy 2013
a drop down
or
bottoms up

14. • Enhanced Security Awareness
• Adoption of Security Policy
• The capability and effectiveness of the Govt. reach
would be decided by its capability of creating right IT
tools and deliver secure services

15. ThankYou!